[Snort-users] Snorby opinions

Lay, James james.lay at ...15009...
Mon Jun 6 10:18:46 EDT 2011


Excellent...thanks for the feedback all.

James

> -----Original Message-----
> From: Martin Holste [mailto:mcholste at ...11827...]
> Sent: Sunday, June 05, 2011 10:58 AM
> To: Lay, James
> Cc: snort-users at lists.sourceforge.net
> Subject: Re: [Snort-users] Snorby opinions
> 
> Snorby is great--anyone still messing around with BASE is missing out!
> 
> Also, if you want a ridiculously fast packet capture tool to integrate with
> Snorby, you can use StreamDB (streamdb.googlecode.com) as a drop-in
> replacement for OpenFPC (Snorby hooks into OpenFPC under "Packet Capture
> Options").  Your packets (streams in this case) will load instantaneously
> (versus a minute or more with OpenFPC on large pcaps).
> 
> On Fri, Jun 3, 2011 at 10:02 AM, Lay, James <james.lay at ...15009...>
> wrote:
> > Hey all!
> >
> >
> >
> > Topic says it....anyone run Snorby here?  Would love to get some
> > opinions...I'm needing something more...."pretty" (though personally I
> > think tailing .fast logs in a console is pretty).  Thanks for any input.
> >
> >
> >
> > James
> >
> > ----------------------------------------------------------------------
> > -------- Simplify data backup and recovery for your virtual
> > environment with vRanger.
> > Installation's a snap, and flexible recovery options mean your data is
> > safe, secure and there when you need it. Discover what all the cheering's
> about.
> > Get your free trial download today.
> > http://p.sf.net/sfu/quest-dev2dev2
> > _______________________________________________
> > Snort-users mailing list
> > Snort-users at lists.sourceforge.net
> > Go to this URL to change user options or unsubscribe:
> > https://lists.sourceforge.net/lists/listinfo/snort-users
> > Snort-users list archive:
> > http://www.geocrawler.com/redir-sf.php3?list=snort-users
> >




More information about the Snort-users mailing list